securekomodo:~#

hacker of things

log2timeline is a single tool to parse through log files and artifacts recursively, eliminating the need to accomplish the same task through other manual processes.It produces a formatted timeline in (.CSV) format that can be viewed in excel or other spreadsheet applications to be analyzed by a forensic investigator or analyst. The timeline will show all recognized events (which is a dynamically growing list) in the order in which the event occurred.

The tool is essentially a front-end for other smaller scripts (modules) that actually perform the work. Originally developed in Perl for Linux, it can also be operated on a Windows OS or Mac OS. And it has since been re-engineered in Python

A tool like this is important in a forensic analysis because one of the first steps in any investigation is establishing some sort of timeline, to build a stronger case for or against the accused.